Package org.apache.jackrabbit.oak.spi.security.authorization.permission

Examples of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission


            if (!permissionProvider.getRepositoryPermission().isGranted(toTest)) {
                throw new CommitFailedException(ACCESS, 0, "Access denied");
            }
            return null; // no need for further validation down the subtree
        } else {
            TreePermission tp = parentPermission.getChildPermission(tree.getName(), tree.getNodeState());
            if (!tp.isGranted(toTest)) {
                throw new CommitFailedException(ACCESS, 0, "Access denied");
            }
            if (noTraverse(toTest, defaultPermission)) {
                return null;
            } else {
View Full Code Here


        @Nonnull
        @Override
        public ChildNodeEntry apply(@Nonnull ChildNodeEntry input) {
            String name = input.getName();
            NodeState child = input.getNodeState();
            TreePermission childContext = treePermission.getChildPermission(name, child);
            SecureNodeState secureChild = new SecureNodeState(child, childContext);
            if (child.getChildNodeCount(1) == 0
                    && secureChild.treePermission.canRead()
                    && secureChild.treePermission.canReadProperties()) {
                // Since this is an accessible leaf node whose all properties
View Full Code Here

        acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.JCR_READ), true);
        acl.addEntry(testPrincipal, privilegesFromNames(PrivilegeConstants.REP_READ_PROPERTIES), false);
        acMgr.setPolicy("/test", acl);
        root.commit();

        TreePermission tp = getTreePermission("/test");

        assertFalse(tp.canReadProperties());
        assertTrue(tp.canRead());
        assertFalse(tp.canReadProperties());
    }
View Full Code Here

        NodeUtil ace = new NodeUtil(policyTree).addChild("ace2", NT_REP_DENY_ACE);
        ace.setNames(REP_PRIVILEGES, PrivilegeConstants.REP_READ_PROPERTIES);
        ace.setString(REP_PRINCIPAL_NAME, getTestUser().getPrincipal().getName());
        root.commit();

        TreePermission tp = getTreePermission("/test");

        assertFalse(tp.canReadProperties());
        assertTrue(tp.canRead());
        assertFalse(tp.canReadProperties());
    }
View Full Code Here

            Root r = testSession.getLatestRoot();
            Root immutableRoot = new ImmutableRoot(r);

            PermissionProvider pp = createPermissionProvider(testSession) ;
            assertTrue(r.getTree("/").exists());
            TreePermission tp = pp.getTreePermission(immutableRoot.getTree("/"), TreePermission.EMPTY);
            assertSame(TreePermission.ALL, tp);

            for (String path : READ_PATHS) {
                Tree tree = r.getTree(path);
                assertTrue(tree.exists());
View Full Code Here

        this(getTreePermission(permissionProvider, after.exists() ? after : before, basePath));
    }

    private static TreePermission getTreePermission(PermissionProvider permissionProvider,
            NodeState root, String basePath) {
        TreePermission treePermission = permissionProvider.getTreePermission(
                new ImmutableTree(root), TreePermission.EMPTY);

        for (String name : PathUtils.elements(basePath)) {
            root = root.getChildNode(name);
            treePermission = treePermission.getChildPermission(name, root);
        }
        return treePermission;
    }
View Full Code Here

            return super.createValidator(parentBefore, parentAfter, parentPermission, parentValidator);
        }
    }

    private Validator visibleValidator(ImmutableTree source, ImmutableTree dest) {
        TreePermission tp = getParentPermission().getChildPermission(source.getName(), source.unwrap());
        Validator validator = super.createValidator(source, dest, tp, this);
        return new VisibleValidator(validator, true, false);
    }
View Full Code Here

            if (!permissionProvider.getRepositoryPermission().isGranted(toTest)) {
                throw new CommitFailedException(ACCESS, 0, "Access denied");
            }
            return null; // no need for further validation down the subtree
        } else {
            TreePermission tp = permissionProvider.getTreePermission(tree, parentPermission);
            if (!tp.isGranted(toTest)) {
                throw new CommitFailedException(ACCESS, 0, "Access denied");
            }
            if (noTraverse(toTest, defaultPermission)) {
                return null;
            } else {
View Full Code Here

            Root r = testSession.getLatestRoot();
            Root immutableRoot = new ImmutableRoot(r, TreeTypeProvider.EMPTY);

            PermissionProvider pp = createPermissionProvider(testSession) ;
            assertTrue(r.getTree("/").exists());
            TreePermission tp = pp.getTreePermission(immutableRoot.getTree("/"), TreePermission.EMPTY);
            assertSame(TreePermission.ALL, tp);

            for (String path : READ_PATHS) {
                Tree tree = r.getTree(path);
                assertTrue(tree.exists());
View Full Code Here

                        // TODO (or item in the subtree) but that item no longer exists
                        // TODO -> evaluation by path would be more accurate (-> see #isGranted)
                        while (!versionableTree.exists()) {
                            versionableTree = versionableTree.getParent();
                        }
                        TreePermission pp = getParentPermission(versionableTree, TreeTypeProvider.TYPE_VERSION);
                        return new TreePermissionImpl(versionableTree, TreeTypeProvider.TYPE_VERSION, pp);
                    }
                }
            case TreeTypeProvider.TYPE_INTERNAL:
                return TreePermission.EMPTY;
View Full Code Here

TOP

Related Classes of org.apache.jackrabbit.oak.spi.security.authorization.permission.TreePermission

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.